Course Outline

OpenLDAP overview

  • Comparison with web and relational databases
  • Entry structure
  • Tree structure
  • Simple searches
  • Attributes Syntaxes and Object Classes
  • RootDSE and subschema subentry
  • LDAP Operations
  • LDIF
  • Command-line tools
  • GUI tools
    • Phpldapadmin - Installation and Configuration

Basic configuration and maintenance

  • Installation from source code and decisions to be made at the build time
  • Installation from packages
  • Server structure: front-end, overlays, back-ends
    • Evolution of disk-based backends
  • Building test servers
  • Differences for production servers
  • Static configuration using slapd.conf
  • Dynamic configuration via cn=config
  • Conversion from slapd.conf to cn=config
  • Monitoring via cn=monitor
  • Backup and restore procedures
  • Conversion from hdb to mdb backend
  • Upgrading between OpenLDAP versions

Authentication and Authorisation using LDAP

  • Bind methods: simple, SASL, public-key, Kerberos
  • Security of passwords: ldap:/// ldaps:/// ldapi:///
  • Representing groups in LDAP
  • Using LDAP for Authentication and authorisation of other services
    • Apache - Basic Auth configuration mechanism
  • Management of system users with OpenLDAP
    • RFC2307 / RFC2307bis / DBIS
    • Configuration of NSS and PAM
    • nss-pam-ldapd vs SSSD

SSL/TLS

  • Certificate hierachies
  • Using TLS with OpenLDAP: Server certs, Client certs and SASL EXTERNAL

Access Control

  • Basic ACLs
  • Limits
  • Access Control Policy
  • Testing ACLs

Distributed directories

  • Replication, Chaining, and Referral
  • Master-slave
  • Mirrormode

Extending the schema

  • Simple Schema Design
  • OIDs
  • Schema definition files
  • Designing the Directory Information Tree

Working with existing applications and services

  • Directory synchronisation and transformation tools
  • LDAP proxies, firewalls and entry mapping

Requirements

No previous knowledge of LDAP is required

  21 Hours
 

Testimonials (3)

Related Courses

Related Categories